public function run() { // system name must be defined and valid if (!isset($this->application->parameters['file'])) { throw new ApplicationException('System name of the file is missing.', 400); } if (!ApplicationModel_File::validateSystemName($this->application->parameters['file'])) { throw new ApplicationException('System name of the file is invalid.', 400); } $systemName = $this->application->parameters['file']; // load file's information $file = new ApplicationModel_File($this->application); $file->setType(ApplicationModel_File::TYPE_SOURCE); $file->setSystemName($systemName); try { $file->load(); } catch (ApplicationModelException_File $e) { // file does not exist in the database, but if the file exists in the filesystem, then fill the model with default data $file->setTime(time()); $file->setDescription(''); try { $file->setExtension(pathinfo($file->getSystemName(), PATHINFO_EXTENSION)); $file->setName(basename($file->getSystemName(), '.' . $file->getExtension())); } catch (ApplicationModelException_File $e) { // we have got problems with file's name/extension $file->setExtension('txt'); $file->setName('untitled'); } // if the file does not exist both in db and in fs, this is a problem if (!is_file($file->getPath())) { throw new ApplicationException('File is not found.', 404); } } // load file's owner try { $fileUploader = $file->getUploader(); $owner = new ApplicationModel_User($this->application); $owner->setId(ApplicationModel_User::getIdForUuid($this->application, $fileUploader)); $owner->load(); } catch (ApplicationModelException_File $e) { // file has no defined owner $owner = null; } catch (ApplicationModelException_User $e) { // file has the owner, but it cannot be loaded throw new ApplicationException('Cannot load the owner of the file.', 500); } // render html $view = new ApplicationView($this->application, $this->application->path . '/views/file_source_view.php'); $view->url = 'http://' . $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI']; $view->owner = $owner; $view->file = $file; $view->fileData = file_get_contents($file->getPath()); // choose the right color scheme $view->isDarkColorScheme = true; if (isset($this->application->parameters['light'])) { $view->isDarkColorScheme = false; } // display html $view->render(); }
public function run() { // file id must be defined and valid if (!isset($this->application->parameters['file'])) { throw new ApplicationException('File identifier is missing.', 400); } $fileId = (int) $this->application->parameters['file']; if (!ApplicationModel_File::validateId($fileId)) { throw new ApplicationException('Id of the file is invalid.', 400); } // user must be authorized if (!isset($_SESSION['authorized_user_id'])) { $this->application->outputHeaders[] = 'HTTP/1.1 302 Found'; $this->application->outputHeaders[] = 'Location: /login.php'; $this->application->outputContent = ''; return; } // load user's information $user = new ApplicationModel_User($this->application); try { $user->setId($_SESSION['authorized_user_id']); $user->load(); } catch (ApplicationModelException_User $e) { throw new ApplicationException('Cannot load user.', 500); } // load file's information $file = new ApplicationModel_File($this->application); try { $file->setId($fileId); $file->load(); } catch (ApplicationModelException_File $e) { throw new ApplicationException('File is not found.', 404); } // load file owner's information try { $owner = new ApplicationModel_User($this->application); $owner->setId(ApplicationModel_User::getIdForUuid($this->application, $file->getUploader())); $owner->load(); } catch (ApplicationModelException_User $e) { throw new ApplicationException('Cannot load file\'s owner.', 500); } // authorized user must be the owner of the file if ($user->getId() != $owner->getId()) { throw new ApplicationException('Cannot delete file which belongs to a different user.', 403); } // delete the file from the database and filesystem unlink($file->getPath()); $file->delete(); // redirect user back to his account $this->application->outputHeaders[] = 'HTTP/1.1 302 Found'; $this->application->outputHeaders[] = 'Location: /account.php'; $this->application->outputContent = ''; }
public function run() { // file id must be defined and valid if (!isset($this->application->parameters['file'])) { throw new ApplicationException('File identifier is missing.', 400); } $fileId = (int) $this->application->parameters['file']; if (!ApplicationModel_File::validateId($fileId)) { throw new ApplicationException('Id of the file is invalid.', 400); } // user must be authorized if (!isset($_SESSION['authorized_user_id'])) { $this->application->outputHeaders[] = 'HTTP/1.1 302 Found'; $this->application->outputHeaders[] = 'Location: /login.php'; $this->application->outputContent = ''; return; } // load user's information $user = new ApplicationModel_User($this->application); try { $user->setId($_SESSION['authorized_user_id']); $user->load(); } catch (ApplicationModelException_User $e) { throw new ApplicationException('Cannot load user.', 500); } // load file's information $file = new ApplicationModel_File($this->application); try { $file->setId($fileId); $file->load(); } catch (ApplicationModelException_File $e) { throw new ApplicationException('File is not found.', 404); } // load file owner's information try { $owner = new ApplicationModel_User($this->application); $owner->setId(ApplicationModel_User::getIdForUuid($this->application, $file->getUploader())); $owner->load(); } catch (ApplicationModelException_User $e) { throw new ApplicationException('Cannot load file\'s owner.', 500); } // authorized user must be the owner of the file if ($user->getId() != $owner->getId()) { throw new ApplicationException('Cannot edit file which belongs to a different user.', 403); } // render the html $view = new ApplicationView($this->application, $this->application->path . '/views/file_edit.php'); $view->user = $user; $view->file = $file; $view->allowedExtensions = $this->application->config['file_extensions']; $view->render(); }
public function run() { $uuid = ''; if (!isset($this->application->parameters['uuid'])) { $uuid = ''; } else { $uuid = $this->application->parameters['uuid']; } if (empty($uuid) || !ApplicationModel_User::validateUuid($uuid)) { // unvalid uuid throw new ApplicationException('Invalid client uuid.', 400); } if (empty($uuid) && isset($_SESSION['authorized_user_id'])) { $this->application->outputHeaders[] = 'HTTP/1.1 302 Found'; $this->application->outputHeaders[] = 'Location: /account.php'; $this->application->outputContent = ''; return; } $view = new ApplicationView($this->application, $this->application->path . '/views/user_register.php'); $view->uuid = $uuid; if (isset($this->application->parameters['login'])) { $view->login = $this->application->parameters['login']; } elseif (isset($_SESSION['authorized_user_login'])) { $view->login = $_SESSION['authorized_user_login']; } else { $view->login = ''; } $view->render(); }
/** * Returns the id of the user to which the selected UUID belongs. If selected UUID does not exist, an * exception with code self::ERROR_NOTFOUND_UUID will be thrown. */ public static function getIdForUuid(&$application, $uuid) { // uuid must be valid if (!ApplicationModel_User::validateUuid($uuid)) { throw new ApplicationModelException_File('UUID is invalid.', self::ERROR_INVALID_UUID); } // use id lookup key $userUuidKey = new Rediska_Key('user_uuid_' . $uuid); if ($userUuidKey->getValue() === null) { throw new ApplicationModelException_File('UUID is invalid.', self::ERROR_NOTFOUND_UUID); } return $userUuidKey->getValue(); }
public function run() { // user must be authorized if (!isset($_SESSION['authorized_user_id'])) { $this->application->outputHeaders[] = 'HTTP/1.1 302 Found'; $this->application->outputHeaders[] = 'Location: /login.php'; $this->application->outputContent = ''; return; } // load user's information $user = new ApplicationModel_User($this->application); try { $user->setId($_SESSION['authorized_user_id']); $user->load(); } catch (ApplicationModelException_User $e) { throw new ApplicationException($e->getMessage(), 500); } // get the page number if (isset($this->application->parameters['page'])) { $page = (int) $this->application->parameters['page']; } else { $page = 1; } if ($page <= 0) { $page = 1; } // build list of files, this user owns $userUuids = $user->getUuids(); $userFiles = array(); $fileLoadQueueTimestamps = array(); $fileLoadQueue = array(); foreach ($userUuids as $time => $uuid) { $userUuidFileIds = ApplicationModel_File::getIdsForUploader($this->application, $uuid); $userFiles = array_merge($userFiles, $userUuidFileIds); } foreach ($userFiles as $userFile) { if ($userFile["value"] != "virtual") { $fileLoadQueue[] = (int) substr($userFile["value"], strlen('file_')); } $fileLoadQueueTimestamps[] = (int) $userFile["score"]; } array_multisort($fileLoadQueueTimestamps, SORT_DESC, $fileLoadQueue, SORT_ASC); // make sure that the requested page number is not too high $totalPages = ceil(count($fileLoadQueue) / $this->application->config['user_files_per_page']); if ($page > $totalPages) { $page = 1; } // cut off the part of the file list which we need to display on selected page $fileLoadQueue = array_slice($fileLoadQueue, ($page - 1) * $this->application->config['user_files_per_page'], $this->application->config['user_files_per_page']); // load file information for every file which we need to display on this page foreach ($fileLoadQueue as $fileId) { try { // load file $file = new ApplicationModel_File($this->application); $file->setId($fileId); $file->load(); // put it into the list of user's files $files[] = $file; } catch (ApplicationModelException_File $e) { // skip this file } } // render the html $view = new ApplicationView($this->application, $this->application->path . '/views/user_files.php'); $view->user = $user; $view->files = $files; $view->currentPage = $page; $view->totalPages = $totalPages; $view->render(); }
public function run() { $uuid = ''; if (!isset($this->application->parameters['uuid'])) { $uuid = ''; } else { $uuid = $this->application->parameters['uuid']; } if (empty($uuid) || !ApplicationModel_User::validateUuid($uuid)) { // unvalid uuid throw new ApplicationException('Invalid client uuid.', 400); } $login = ''; $loginBad = false; $passwordBad = false; if (!isset($this->application->parameters['login'])) { $loginBad = true; } else { $login = $this->application->parameters['login']; if (!ApplicationModel_User::validateLogin($login)) { $loginBad = true; } } if (!isset($this->application->parameters['password'])) { $passwordBad = true; } else { $password = $this->application->parameters['password']; if (!ApplicationModel_User::validatePassword($password)) { $passwordBad = true; } } // login must be valid $success = !$loginBad && !$passwordBad; $passwordWrong = false; $registerUser = false; if ($success) { $user = new ApplicationModel_User($this->application); try { // try to load user with selected login $user->setLogin($login); $user->load(); } catch (ApplicationModelException_User $e) { // selected login does not exist - create a new user $registerUser = true; } // register a new user if ($registerUser) { $user->setPasswordHash($user->makePasswordHash($password)); $user->save(); } else { if ($user->makePasswordHash($password) != $user->getPasswordHash()) { $passwordWrong = true; } $success = !$passwordWrong; } } // if everything is ok (user has the correct password, etc)... $attachUser = false; $uuidTaken = false; if ($success) { try { // authorize user $_SESSION['authorized_user_id'] = $user->getId(); $_SESSION['authorized_user_login'] = $user->getLogin(); // attach uuid if we have to if (!empty($uuid)) { $attachUser = true; $user->addUuid($uuid, time()); $user->save(); } } catch (ApplicationModelException_User $e) { if ($e->getCode() == ApplicationModel_User::ERROR_TAKEN_UUID) { $uuidTaken = true; } $success = !$uuidTaken; } } // if we have only authorized the user if ($success && !$registerUser && !$attachUser) { $this->application->outputHeaders[] = 'HTTP/1.1 302 Found'; $this->application->outputHeaders[] = 'Location: /account.php'; $this->application->outputContent = ''; } $view = new ApplicationView($this->application, $this->application->path . '/views/user_register_handler.php'); $view->success = $success; $view->registered = $registerUser; $view->uuid = $uuid; $view->uuidTaken = $uuidTaken; $view->login = $login; $view->loginBad = $loginBad; $view->passwordBad = $passwordBad; $view->passwordWrong = $passwordWrong; $view->render(); }
public function run() { // file id must be defined and valid if (!isset($this->application->parameters['file'])) { throw new ApplicationException('File identifier is missing.', 400); } $fileId = (int) $this->application->parameters['file']; if (!ApplicationModel_File::validateId($fileId)) { throw new ApplicationException('Id of the file is invalid.', 400); } // user must be authorized if (!isset($_SESSION['authorized_user_id'])) { $this->application->outputHeaders[] = 'HTTP/1.1 302 Found'; $this->application->outputHeaders[] = 'Location: /login.php'; $this->application->outputContent = ''; return; } // filename must be present and valid $name = ''; $nameBad = false; if (!isset($this->application->parameters['name'])) { $nameBad = true; } else { $name = $this->application->parameters['name']; if (!ApplicationModel_File::validateName($name)) { $nameBad = true; } } // description must be valid $description = ''; $descriptionBad = false; if (isset($this->application->parameters['description'])) { $description = $this->application->parameters['description']; if (!ApplicationModel_File::validateDescription($description)) { $descriptionBad = true; } } // load user's information $user = new ApplicationModel_User($this->application); try { $user->setId($_SESSION['authorized_user_id']); $user->load(); } catch (ApplicationModelException_User $e) { throw new ApplicationException('Cannot load user.', 500); } // load file's information $file = new ApplicationModel_File($this->application); try { $file->setId($fileId); $file->load(); } catch (ApplicationModelException_File $e) { throw new ApplicationException('File is not found.', 404); } // ignore extension for images if ($file->getType() == ApplicationModel_File::TYPE_IMAGE) { $extension = $file->getExtension(); $extensionBad = false; } else { $extension = ''; $extensionBad = false; if (!isset($this->application->parameters['extension'])) { $extensionBad = true; } else { $extension = $this->application->parameters['extension']; if (!$file->validateExtension($extension)) { $extensionBad = true; } } } // load file owner's information try { $owner = new ApplicationModel_User($this->application); $owner->setId(ApplicationModel_User::getIdForUuid($this->application, $file->getUploader())); $owner->load(); } catch (ApplicationModelException_User $e) { throw new ApplicationException('Cannot load file\'s owner.', 500); } // authorized user must be the owner of the file if ($user->getId() != $owner->getId()) { throw new ApplicationException('Cannot edit file which belongs to a different user.', 403); } // check if everything is fine $success = !$nameBad && !$extensionBad && !$descriptionBad; // edit the file if ($success) { try { $file->setName($name); $file->setExtension($extension); $file->setDescription($description); $file->save(); } catch (ApplicationModelException_File $e) { throw new ApplicationException('Cannot save file\'s information.', 500); } // redirect user back to his account $this->application->outputHeaders[] = 'HTTP/1.1 302 Found'; $this->application->outputHeaders[] = 'Location: /account.php'; $this->application->outputContent = ''; return; } // render the html with errors $view = new ApplicationView($this->application, $this->application->path . '/views/file_edit_handler.php'); $view->success = $success; $view->filenameBad = $nameBad; $view->extensionBad = $extensionBad; $view->descriptionBad = $descriptionBad; $view->user = $user; $view->file = $file; $view->name = $name; $view->extension = $extension; $view->description = $description; $view->render(); }
/** * Returns ids and timestamps of all files which have a specified uploader's UUID. Throws an exception with code * self::ERROR_INVALID_UPLOADER if the UUID is invalid. If there are no files for selected UUID, an empty * array will be returned. */ public static function getIdsForUploader(&$application, $uuid) { // uuid must be valid if (!ApplicationModel_User::validateUuid($uuid)) { throw new ApplicationModelException_File('Uploader UUID is invalid.', self::ERROR_INVALID_UPLOADER); } $fileIds = array(); $filesKeySet = new Rediska_Key_SortedSet('uuid_' . $uuid); $fileIdsSet = $filesKeySet->getByRank(true, 0, 20, true); return $fileIdsSet; }
public function run() { $success = true; $use_uuid = false; $register_redirect = false; $uuid = ''; $login = ''; $password = ''; if (!isset($this->application->parameters['login'])) { $success = false; } else { $login = $this->application->parameters['login']; if (!ApplicationModel_User::validateLogin($login)) { $success = false; } } if (!isset($this->application->parameters['password'])) { $success = false; } else { $password = $this->application->parameters['password']; } if (!$success) { if (isset($this->application->parameters['uuid'])) { $uuid = $this->application->parameters['uuid']; if (ApplicationModel_User::validateUuid($uuid)) { $use_uuid = true; } } } if ($success) { $user = new ApplicationModel_User($this->application); try { $user->setLogin($login); $user->load(); } catch (ApplicationModelException_User $e) { $success = false; } } if ($use_uuid) { $success = true; $user = new ApplicationModel_User($this->application); try { $user->setUuid($uuid); $user->load(); } catch (ApplicationModelException_User $e) { $success = false; $register_redirect = true; } } if ($success) { if (!$use_uuid && $user->makePasswordHash($password) != $user->getPasswordHash()) { $success = false; } } if ($success) { $_SESSION['authorized_user_id'] = $user->getId(); $_SESSION['authorized_user_login'] = $user->getLogin(); $this->application->outputHeaders[] = 'HTTP/1.1 302 Found'; $this->application->outputHeaders[] = 'Location: /account.php'; $this->application->outputContent = ''; } elseif ($register_redirect) { $this->application->outputHeaders[] = 'HTTP/1.1 302 Found'; $this->application->outputHeaders[] = 'Location: /register.php?uuid=' . $uuid; $this->application->outputContent = ''; } else { $this->application->outputHeaders[] = 'HTTP/1.1 302 Found'; $this->application->outputHeaders[] = 'Location: /login.php?unsuccessful&login='******''; } }